42bae9f4f20fe0e5901cac74c44a5f4d86b91a9211ff2f374c52e4a6782bb3ef_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

42bae9f4f20fe0e5901cac74c44a5f4d86b91a9211ff2f374c52e4a6782bb3ef_NeikiAnalytics
Size

2.0MB
MD5

23f6771c4dba18c1cf1d267193b64910
SHA1

f5e1b1beb35c5db337349807ea9fd6471ed89bc8
SHA256

42bae9f4f20fe0e5901cac74c44a5f4d86b91a9211ff2f374c52e4a6782bb3ef
SHA512

f0c2f278cab339b668856b445a7a1c0a3009bd5dab1a0c2205ec2b9629f89618629821b416b97a872c4dcb97f6b606ff1e269dc7637da2b95fb89d56e57bd67a
SSDEEP

24576:fc/c5PYI6yZYwCOtEClfzgaBeGEupdooJ18U1lUvkOme+LoatnqTNtEfOjethFXZ:MOP2akeyo1fXEmtqxoFhdbtzbXldqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42bae9f4f20fe0e5901cac74c44a5f4d86b91a9211ff2f374c52e4a6782bb3ef_NeikiAnalytics

Files

42bae9f4f20fe0e5901cac74c44a5f4d86b91a9211ff2f374c52e4a6782bb3ef_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

c68454b1a6fa895ee07bc6241742566d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
SetFilePointer
CreateDirectoryA
GetCommandLineA
CreateMutexA
GetSystemPowerStatus
GetStdHandle
RaiseException
WriteFile
GetFullPathNameA
LocalFree
lstrlenA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
DeviceIoControl
CloseHandle
GetEnvironmentVariableA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
GetVersionExA
Sleep
GetDriveTypeA
DeleteFileA
InterlockedDecrement
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
GetFileType
ReadFile
GetStartupInfoA
GetVersion
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
FlushFileBuffers
SetStdHandle
SetHandleCount
SetEndOfFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
HeapSize

user32

SetForegroundWindow
MessageBoxA
FindWindowExA
DialogBoxParamA
ExitWindowsEx
SendMessageA
LoadIconA
SetWindowLongA
GetWindowLongA
GetDlgItem
SetDlgItemTextA
EndDialog
wsprintfA

advapi32

OpenProcessToken
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
RegOpenKeyExA
RegSetValueExA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
DeleteService
OpenSCManagerA
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
LookupPrivilegeValueA

ole32

CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeEx

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c68454b1a6fa895ee07bc6241742566d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 32KB - Virtual size: 28KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 32KB - Virtual size: 28KB